Portable keying device and method

ABSTRACT

A portable encryption key installation system is disclosed that includes a portable keying device for installing a data communications encryption key in an electronic terminal. The portable keying device securely reprograms the encryption key in the electronic terminal without having to remove the terminal from its shipping container or ship the electronic terminal offsite. Furthermore, the portable keying device securely reprograms the encryption key in the electronic terminal without having to dismantle the terminal, deactivate any anti-tampering features, or re-bond the terminal.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application claims the benefit of U.S. patent application Ser. No. 12/082,079 for a Portable Keying Device and Method filed Apr. 8, 2008, now U.S. Pat. No. 9,137,009, which claims the benefit of U.S. patent application Ser. No. 09/854,756 for a Portable Keying Device and Method filed May 14, 2001, now U.S. Pat. No. 7,376,234. Each of the foregoing patent applications and patents is hereby incorporated by reference in its entirety.

FIELD OF THE INVENTION

The present invention relates generally to transaction terminals, and particularly to the installation of security keys in transaction terminals.

BACKGROUND

Electronic terminals such as point of sale (POS) terminals are becoming ubiquitous in our society. These terminals include credit, debit, and check authorization capabilities. Some of these devices are used as standalone devices and some are networked using LAN technology. Because of the sensitive financial information being transmitted and received by these electronic terminals, security is a critical issue. In order to provide security, electronic terminals employ data encryption. Encryption devices scramble readable data to produce cipher text. Most of the terminals use an encryption key as part of the encryption process. An encryption key is a block of data that is combined with the readable input data to produce the cipher text. For example, the encryption key and the input data can be combined using an exclusive OR function. On the other hand, the Data Encryption Standard (DES) algorithm is often used to combine an encryption key with input data to produce the cipher text. The DES algorithm employs a 56 bit encryption key to produce the cipher text. The use of an encryption key is considered to be more secure than scrambling the input data.

Another security issue relates to tamper protection. Typically, all secure information such as encryption keys is stored in SRAM or PROM. In one approach, if the processor detects a downloading operation that may result in security information being compromised, the processor deletes the security information.

In another approach, tamper detection switches are employed to prevent physical tampering of the terminal. If the top enclosure of the terminal is separated from the main printed circuit board, or if the “trap door” is opened in the bottom of the enclosure, the detection switches are thrown. The operating system of the terminal is programmed to erase the security information in response to the signals received from the switches. In another approach, ultrasonic bonding is often used to provide evidence that someone attempted to open the terminal device.

While the above described methods are effective in terms of preventing or monitoring tampering, there are problems associated with these methods. Under certain circumstances the security information loaded into the electronic terminal must be changed or updated. Oftentimes it is desirable to change the security information loaded into the electronic terminal at the factory before the first use. At this point, the terminal must be shipped to the factory or to a servicing organization to be reprogrammed. Subsequently, the terminal is unboxed, the anti-tampering features are deactivated, the security information is reloaded, the terminal re-bonded and the terminal is repackaged. These steps are inefficient, time consuming and costly.

What is needed is a method of securely reprogramming the security information in an electronic terminal without having to remove the terminal from its shipping container, dismantle the terminal, deactivate the anti-tampering features, reload the security information, and re-bond the terminal. Further, what is needed is a method of securely reprogramming the security information in an electronic terminal without having to ship the terminal off site.

SUMMARY

A portable encryption key installation system is disclosed that includes a portable keying device for installing a data communications encryption key in an electronic terminal.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagrammatic depiction of a portable key installation system in accordance with one embodiment of the present invention.

FIG. 2 is a perspective view of a portable key installation system depicted in FIG. 1.

FIG. 3 is a chart showing a method for installing a security key in an electronic terminal using a portable device.

FIG. 4 is a chart showing a method for installing security keys in a plurality of electronic terminals using the portable device.

FIGS. 5A and 5B are diagrammatic depictions of an electronic terminal in accordance with a second embodiment of the present invention.

FIG. 6 is a diagrammatic depiction of an electronic terminal in accordance with a third embodiment of the present invention.

FIG. 7 is a diagrammatic depiction of an electronic terminal in accordance with a fourth embodiment of the present invention.

DETAILED DESCRIPTION

Reference will now be made in detail to the present exemplary embodiments of the invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts. An exemplary embodiment of the portable key installation system of the present invention is shown in FIG. 1, and is designated generally throughout by reference numeral 10.

In accordance with the invention, the present invention for a portable key installation system includes a portable keying device for installing a data communications encryption key in an electronic terminal. The electronic terminal including a secure encryption key memory location for storing the at least one data communications encryption key. The portable keying device includes a memory for storing the at least one data communications encryption key. A processor that is operative to generate a secure installation message, the secure installation message including the at least one data communications encryption key. A communications unit is coupled to the processor. The communications unit is operative to transmit the installation message in a predetermined format to the electronic terminal.

Thus, the present invention provides a system and method for securely reprogramming the security information in an electronic terminal without having to ship the electronic terminal off site. The present invention provides a system and method for securely reprogramming the security information in an electronic terminal without having to remove the electronic terminal from its shipping container, dismantle the terminal, deactivate the anti-tampering features, reload the security information, and re-bond the terminal.

As embodied herein, and depicted in FIG. 1, a diagrammatic depiction of a portable key installation system in accordance with one embodiment of the present invention is disclosed. System 10 includes portable keying device 100 and electronic terminal 200.

Portable keying device 100 includes I/O circuit 12, processor 14, RAM 16, EROM 18, key memory 20 and RF controller 22 coupled by way of system bus 28. RF controller 22 is connected to RF transceiver 24. RF transceiver 24 is connected to antenna 26. In one embodiment, I/O circuit 12 is coupled to a keypad which is used to input the encryption key. In yet another embodiment, an initial key download is performed via the keypad or the external device. Subsequently, processor 14 uses the initial key to generate encryption keys for a plurality of devices by running a secure key generation algorithm.

It will be apparent to those of ordinary skill in the pertinent art that modifications and variations can be made to processor 14 of the present invention depending on cost and programming considerations. For example, in one embodiment processor 14 is implemented using an 8 bit “programmable system-on-a-chip” device, of the type manufactured by Cypress Semiconductor. One of ordinary skill in the art will recognize that 16 bit and 32 bit devices can also be used, in addition to other 8 bit devices.

It will be apparent to those of ordinary skill in the pertinent art that modifications and variations can be made to EROM 18 and key memory 20 of the present invention depending on cost, security, and re-programmability considerations. In one embodiment key memory 20 is actually a memory location within EROM 18. For example, in the 8 bit micro-controller embodiment, EROM 18 and key memory 20 are implemented using 32 kbytes of embedded ROM. RAM 16 is implemented using 1 kbyte of embedded RAM. In another embodiment, key memory 20 is implemented using a separate memory device. In general key memory 20 is implemented using non-volatile memory such as EPROM, Flash EPROM, battery backed RAM, or Ferro RAM (FRAM). Re-programmability is an issue in the keying device because the device is reusable to reprogram any number of terminals 200.

It will be apparent to those of ordinary skill in the pertinent art that modifications and variations can be made to RF controller 216, RF transceiver 218, and antenna 220 of the present invention depending on cost and implementation considerations. For example, in FIG. 1 and FIG. 2, a low power/close proximity RF system is depicted. In this embodiment, transceiver 24 outputs approximately 1 milliwatt and has an effective range of about 1 meter or less. In another embodiment, the RF components are replaced altogether by an infrared optical communications system. In yet another embodiment, the RF components are replaced by an audio communications system that employs DTMF technology.

Referring back to FIG. 1, any type of electronic terminal 200 can be employed in system 10 of the present invention. In one embodiment, electronic terminal 200 is a simple hard wired terminal. In other embodiments, terminal 200 is a keypad, signature pad, card reader, bar code reader, or a POS retail transaction terminal. In yet another embodiment, electronic terminal 200 is a standalone unit. In an alternate embodiment, electronic terminal 200 is networked to a LAN. In the example depicted in FIG. 1, electronic terminal 200 includes I/O circuit 202, processor 204, RAM 206, EROM 208, key memory 214 and RF controller 216 coupled by way of system bus 222. In this example, terminal 200 includes imaging assembly 208 for image scanning purposes. Image assembly 208 is controlled by processor 204. Imaging data generated by image assembly 208 is written into RAM 206 by way of DMA channel 210. RF controller 216 is connected to RF transceiver 218. RF transceiver 218 is connected to antenna 220.

In another embodiment, processor 204 includes a general purpose processor and an additional processor to handle secure information including the encryption key. In this embodiment, the additional processor is programmed to handle I/O functions involving a keypad and display. Key memory 214 is embedded in the security processor.

It will be apparent to those of ordinary skill in the pertinent art that modifications and variations can be made to key memory 214 of the present invention depending on cost, security, and re-programmability considerations. In one embodiment key memory 214 is actually a memory location within EROM 18. In another embodiment, key memory 214 is implemented using a separate memory device. In general key memory 214 is implemented using non-volatile memory such as EPROM, Flash EPROM, battery backed SRAM, or Ferro RAM (FRAM). One of the re-programmability considerations relates to the programming voltage required by key memory 214. Some memory devices require an additional programming voltage, over and above the normal system operating voltage, before being enabled to reprogram the contents of the memory.

With respect to the other components of terminal 200 depicted in FIG. 1, modifications and variations are dependent on the type and complexity of terminal 200. Further, the communications components are dependent on the type of communications components present in portable keying device 100.

As embodied herein, and depicted in FIG. 2, a perspective view of the portable key installation system depicted in FIG. 1 is disclosed. Electronic terminal 200 includes housing 230, which accommodates keypad 232, display 234, card reader 236, cable 238, and antenna 220. As discussed above, terminal 200 can be a standalone terminal or a networked device. Portable keying device 100 includes housing 102, keypad 120, and liquid crystal display 122. FIG. 2 illustrates a secure communications protocol that avoids accidental erasure or reprogramming of the encryption key stored in key memory 214. In this embodiment, additional security is provided by keying system 10 by employing RF components that include proximity features. The proximity features include power level S, angular directivity θ, and polarity P. Of course, the effective range of keying device 10 is a function of the power. If, for example, portable keying device 100 is not within 1 meter, and is not pointing at antenna 220 (within, e.g., ~15°), and does not emit an RF signal having a polarity that is matched to the RF system in terminal 200, the re-programming attempt will be unsuccessful.

As embodied herein, and depicted in FIG. 3, a chart showing a method for installing a security key in an electronic terminal using a portable device is disclosed. In step S300, portable device 100 and electronic terminal exchange handshaking messages. First, portable device 100 must satisfy the distance, angular directivity, and polarity requirements discussed above. Second, portable device 100 and electronic terminal 200 exchange authentication codes. Subsequently, in step S302, portable device 100 transmits an authorization code to electronic terminal 200. The transmitted authorization code must match the authorization code stored in EROM 212 of terminal 200. If the authorization codes match, portable device 100 transmits an installation message in step S304. The installation message includes the encryption key to be installed. In step S306, terminal 200 retransmits the encryption key to portable device 100. Portable device 100 validates the key by comparing the key that it received from terminal 200 in step S306 with the key it sent to terminal 200 in step S304. If the two keys do not match, portable device 100 performs step S304 over again. As shown in steps S308-S314, device 100 displays an error message to the user after several unsuccessful attempts, indicating that a successful transfer of the key could not be performed. If the key is validated in step S306, processor 204 writes the encryption key into secure key memory 214 in step S316.

In an alternate embodiment, step S306 includes additional steps. Portable device 100 transmits a test encryption key that it believes is currently being stored in key memory 214. If the test encryption key matches the current encryption key, terminal 200 transmits an acknowledgment signal. If the keys do not match, the installation procedure is aborted. Upon receiving the acknowledgment signal, portable device 100 transmits the new encryption key to terminal 200. If the new key is validated in step S306, processor 204 writes the encryption key into secure key memory 214, and the procedure is complete.
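The FIG. 3 sequence and the alternate test-key embodiment can be traced with a small simulation. This is an added example, not code from the patent: the class and function names, the limit of three attempts, the fault-injection parameter and the commit signal from device to terminal are all assumptions, and the key and code values are constructed.

```python
import hmac

MAX_ATTEMPTS = 3  # assumption: the text says only "several unsuccessful attempts"


class Terminal:
    """Model of terminal 200: stored authorization code plus key memory 214."""

    def __init__(self, auth_code, current_key, corrupt_first_n=0):
        self._auth_code = auth_code
        self.key_memory = current_key      # contents of secure key memory 214
        self._authorized = False
        self._pending = None               # key received but not yet written
        self._corrupt = corrupt_first_n    # constructed fault injection: garble N transfers

    def authorize(self, code):
        """S302: compare the transmitted authorization code with the stored one."""
        self._authorized = hmac.compare_digest(code, self._auth_code)
        return self._authorized

    def check_test_key(self, test_key):
        """Alternate embodiment: acknowledge only if the test key is the key in use."""
        return self._authorized and hmac.compare_digest(test_key, self.key_memory)

    def receive_key(self, key):
        """S304/S306: hold the received key and retransmit it for validation."""
        if not self._authorized:
            raise PermissionError("installation message before authorization")
        if self._corrupt > 0:              # simulate a bit error on the link
            self._corrupt -= 1
            key = bytes([key[0] ^ 0x01]) + key[1:]
        self._pending = key
        return key

    def commit(self):
        """S316: write the validated key into key memory, then end the session."""
        if not self._authorized or self._pending is None:
            raise PermissionError("nothing validated to commit")
        self.key_memory = self._pending
        self.end_session()

    def end_session(self):
        """Drop authorization and any key that was never written."""
        self._authorized = False
        self._pending = None


def install_key(terminal, auth_code, new_key, test_key=None):
    """Keying-device side of FIG. 3; returns a status string for the display."""
    # The S300 proximity requirements (range, direction, polarity) are
    # physical-layer properties and are not modeled here.
    if not terminal.authorize(auth_code):
        return "rejected: authorization code mismatch"
    if test_key is not None and not terminal.check_test_key(test_key):
        terminal.end_session()
        return "aborted: test key does not match key in use"
    for attempt in range(1, MAX_ATTEMPTS + 1):
        echoed = terminal.receive_key(new_key)          # S304, then S306 echo
        if hmac.compare_digest(echoed, new_key):
            terminal.commit()  # assumption: device signals success to the terminal
            return f"installed after {attempt} attempt(s)"
    terminal.end_session()
    return "error: key transfer could not be validated"


if __name__ == "__main__":
    AUTH = b"constructed-auth"                  # constructed sample values
    OLD, NEW = bytes(8), bytes.fromhex("0123456789abcdef")
    for faults in (0, 1, 3):
        t = Terminal(AUTH, OLD, corrupt_first_n=faults)
        print(faults, install_key(t, AUTH, NEW, test_key=OLD), t.key_memory.hex())
```

With three injected faults every echo fails validation, the device reports the error, and key memory 214 still holds the old key.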

As embodied herein and depicted in FIG. 4, a chart showing a method for installing security keys in a plurality of electronic terminals is disclosed. As shown in step S400, an initial key is downloaded into memory 16 of portable keying device 100. This step can be performed using keypad 120, or performed electronically using an external computer, or some other such device. Processor 14 uses the initial key to generate encryption keys for a plurality of devices by running a secure key generation algorithm. In step S402, the algorithm is used to generate one encryption key. In step S404, the method depicted in FIG. 3 is employed to install the encryption key in the first terminal. If there are additional terminals to be programmed, steps S402-S406 are repeated until encryption keys are installed in all of the terminals 200.

As embodied herein, and depicted in FIG. 5A, a diagrammatic depiction of electronic terminal 200 in accordance with a second embodiment of the present invention is disclosed. In this embodiment, key memory 214 requires an external programming voltage. As described above, terminal 200 includes processor 204, key memory 214, transceiver 218, and antenna 220. In this example it is assumed that terminal 200 is boxed in a shipping container of some sort. Thus, terminal 200 is not connected to any external power supply. However, terminal 200 includes diode 240, normal operating voltage supply 250, and programming voltage supply 260. Normal operating voltage supply 250 includes capacitor 252, capacitor 254, and voltage regulator 256. Programming operating voltage supply 260 includes capacitor 262, capacitor 264, and voltage regulator 266. When portable device 100 transmits an RF signal to terminal 200, diode 240 rectifies the AC-RF signal and prevents any return signal from damaging the RF components. The resultant DC signal is used to charge up capacitors 252, 254, 262 and 264. Voltage regulator 256 ensures that the power supplied to terminal 200 is within system operating parameters. Voltage regulator 266 ensures that memory 214 receives an acceptable programming voltage. In response to the normal operating voltage supplied by supply 250, terminal 200 is energized and ready for key installation. At the proper time, e.g. during step S308 (See FIG. 3), processor 204 activates switch 262 and supply 260 provides memory 214 with the programming voltage required to store the new encryption key therein. FIG. 5B is an alternative embodiment of FIG. 5A. In the alternative embodiment, switch 262 is connected to the output of normal operating voltage supply 250 instead of being connected to the input of key memory 214 as in FIG. 5A. Functionally, there is very little difference between the two alternative embodiments.

As embodied herein, and depicted in FIG. 6, a diagrammatic depiction of an electronic terminal in accordance with a third embodiment of the present invention is disclosed. In this embodiment, battery 242 is included within terminal 200 to provide a normal operating voltage. Diode 240 is included to rectify the RF signal and prevent any return signals from damaging the RF components. Programming operating voltage supply 250 is included to provide programming voltage to key memory 214. Programming operating voltage supply 250 includes capacitor 254, capacitor 256, and voltage regulator 258. When portable device 100 transmits an RF signal to terminal 200, diode 240 rectifies the AC-RF signal. The resultant DC signal is used to charge up capacitors 254 and 256. Again, at the proper time, e.g. during step S308 (See FIG. 3), processor 204 activates switch 252 and supply 250 provides memory 214 with the programming voltage required to store the new encryption key therein.

As embodied herein, and depicted in FIG. 7, a diagrammatic depiction of an electronic terminal in accordance with a fourth embodiment of the present invention is disclosed. In this embodiment, the required programming voltage is supplied internally. Battery 240 is included within terminal 200 to provide both the normal operating voltage and the programming voltage. In this embodiment battery 240 is coupled to programming voltage supply 250. Programming voltage supply 250 is identical to those depicted in FIG. 5A, FIG. 5B, and FIG. 6. Since battery 240 supplies DC voltage to capacitors 254 and 256, no rectifying diode is needed. Yet again, at the proper time, e.g. during step S308 (See FIG. 3), processor 204 activates switch 252 and programming supply 250 provides memory 214 with the programming voltage required to store the new encryption key therein.

The present invention addresses the needs discussed above. The present invention provides a system and method for securely reprogramming the security information in an electronic terminal without having to ship the terminal off site. The present invention provides a system and method for securely reprogramming the security information in an electronic terminal without having to remove the terminal from its shipping container, dismantle the terminal, deactivate the anti-tampering features, reload the security information, and re-bond the terminal.

One aspect of the present invention is a portable keying device for installing a data communications encryption key in at least one electronic terminal. The electronic terminal includes a secure encryption key memory location for storing at least one data communications encryption key. The device includes a memory device for storing the at least one data communications encryption key. A communications unit is coupled to the memory device, the communications unit being operative to transmit the at least one data communications encryption key in a predetermined format to the electronic terminal.

In another aspect, the present invention includes a method for installing a data communications encryption key in an electronic terminal. The electronic terminal including a secure encryption key memory location for storing the at least one data communications encryption key. The method includes: providing a portable keying device, whereby the portable keying device is physically separated from the electronic terminal; performing a handshaking routine, whereby the keying device and the electronic terminal exchange handshaking messages; transmitting an encryption key from the portable keying device to the electronic terminal; and storing the encryption key transmitted from the portable keying device to the electronic terminal in the secure key memory location.

In yet another aspect, the present invention includes a portable key installation system for installing a data communications encryption key. The system includes at least one electronic terminal having a secure encryption key memory adapted to store the at least one data communications encryption key, and a terminal communications unit coupled to the secure encryption key memory. A portable keying device includes a memory adapted to store the at least one data communications encryption key, and a device communications unit coupled to the memory device, the device communications unit being adapted to bi-directionally communicate the at least one data communications encryption key in a predetermined format to the terminal communications unit.

Additional features and advantages of the invention are set forth in the detailed description herein, and in part will be readily apparent to those skilled in the art from that description or recognized by practicing the invention as described herein, including the detailed description which follows, the claims, as well as the appended drawings.

It is to be understood that the descriptions herein are merely exemplary of the invention, and are intended to provide an overview or framework for understanding the nature and character of the invention as it is claimed. The accompanying drawings are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification. The drawings illustrate various embodiments of the invention and together with the description serve to explain the principles and operation of the invention.

There is described herein (A1) A portable keying device for installing a data communications encryption key in at least one electronic terminal, the electronic terminal including a secure encryption key memory location for storing at least one data communications encryption key, the device comprising: a memory device for storing the at least one data communications encryption key; and a communications unit coupled to the memory device, the communications unit being operative to transmit the at least one data communications encryption key in a predetermined format to the electronic terminal. There is also described (A2) The device of A1, wherein the communications unit includes a low power close proximity RF transceiver. There is also described (A3) The device of A2, wherein the predetermined format includes transmitting an RF signal at a predetermined power level. There is also described (A4) The device of A3, wherein the predetermined power level is less than or equal to 1 mW. There is also described (A5) The device of A3, wherein the RF signal has an effective range of less than or equal to a meter. There is also described (A6) The device of A2, wherein the predetermined format includes transmitting an RF signal in a predetermined direction. There is also described (A7) The device of A2, wherein the predetermined format includes transmitting an RF signal having a predetermined polarity. There is also described (A8) The device of A1, wherein the at least one data communications encryption key is installed in the electronic terminal in accordance with a predetermined protocol. There is also described (A9) The device of A8, wherein the predetermined protocol includes: performing a handshaking routine, whereby the keying device and the electronic terminal exchange handshaking messages; transmitting the at least one data communications encryption key from the keying device to the electronic terminal in response to a successful handshaking routine; validating the step of transmitting by retransmitting the at least one data communications encryption key from the electronic terminal to the keying device, whereby the keying device compares the transmitted data communications encryption key to the retransmitted data communications encryption key; and storing the at least one data communications encryption key in the secure encryption key memory location in response to a successful step of validating. There is also described (A10) The device of A8, wherein the step of validating includes transmitting a test data communications encryption key from the keying device to the electronic terminal. There is also described (A11) The device of A10, wherein the electronic terminal compares the test data communications encryption key with a currently in-use data communications encryption key stored in the secure encryption key memory location. There is also described (A12) The device of A1, wherein the secure encryption key memory location is a memory location in non-volatile memory. There is also described (A13) The device of A12, wherein the non-volatile memory includes EPROM. There is also described (A14) The device of A12, wherein the non-volatile memory includes EPROM. There is also described (A15) The device of A12, wherein the non-volatile memory includes Flash memory. There is also described (A16) The device of A12, wherein the non-volatile memory includes battery backed RAM. There is also described (A17) The device of A12, wherein the non-volatile memory includes Ferro RAM. There is also described (A18) The device of A1, wherein the communications unit includes an optical signaling unit. There is also described (A19) The device of A18, wherein the optical signaling unit is operative to transmit infrared radiation. There is also described (A20) The device of A1, wherein the communications unit includes an audio signaling unit. There is also described (A21) The device of A20, wherein the audio signaling unit communicates using DTMF signaling. There is also described (A22) The device of A1, further comprising an I/O device for receiving an encryption key from an external source. There is also described (A23) The device of A22, wherein the I/O device includes a keypad, the keypad being adapted to enter the at least one data communications encryption key. There is also described (A24) The device of A22, wherein the I/O device includes an external device interface adapted to receive the at least one data communications encryption key from an external device. There is also described (A25) The device of A1, further comprising: an I/O device for receiving an initial encryption key from an external encryption key source; and a processor coupled to the I/O device, the processor being programmed to generate the at least one data communications encryption key from the initial encryption key using a secure key generation algorithm. There is also described (A26) The device of A25, wherein the I/O device includes a keypad, the keypad being adapted to enter the initial encryption key. There is also described (A27) The device of A25, wherein the I/O device includes an external device interface adapted to receive the initial encryption key from an external device.

There is also described (B1) A method for installing a data communications encryption key in an electronic terminal, the electronic terminal including a secure encryption key memory location for storing the at least one data communications encryption key, the method comprising: providing a portable keying device, whereby the portable keying device is physically separated from the electronic terminal; performing a handshaking routine, whereby the keying device and the electronic terminal exchange handshaking messages; transmitting an encryption key from the portable keying device to the electronic terminal; and storing the encryption key transmitted from the portable keying device to the electronic terminal in the secure key memory location.

There is also described (B2) The method of B1, wherein the step of performing a handshaking routine includes transmitting an authorization signal from the portable keying device to the electronic terminal.

There is also described (B3) The method of B2, wherein the portable keying device provides the electronic terminal with a predetermined authorization code during the step of transmitting an authorization signal.

There is also described (B4) The method of B1, wherein the step of performing a handshaking routine includes transmitting RF signals having at least one predetermined transmission characteristic.

There is also described (B5) The method of B4, wherein the at least one predetermined transmission characteristic includes transmitting an RF signal having a predetermined range.

There is also described (B6) The method of B4, wherein the at least one predetermined transmission characteristic includes transmitting an RF signal in a predetermined direction.

There is also described (B7) The method of B4, wherein the at least one predetermined transmission characteristic includes transmitting an RF signal having a predetermined polarity.

There is also described (B8) The method of claim B4, wherein the at least one predetermined transmission characteristic includes transmitting an RF signal having a predetermined modulation format that is characterized by a predetermined programming voltage.

There is also described (B9) The method of B2, wherein the step of transmitting an encryption key further comprises: transmitting the at least one data communications encryption key from the keying device to the electronic terminal in response to a successful handshaking routine; validating the step of transmitting by retransmitting the at least one data communications encryption key from the electronic terminal to the keying device, whereby the keying device compares the transmitted data communications encryption key to the retransmitted data communications encryption key; and storing the at least one data communications encryption key in the secure encryption key memory location in response to a successful step of validating.

There is also described (B10) The method of B9, wherein the step of validating includes transmitting a test data communications encryption key from the keying device to the electronic terminal before transmitting the at least one data communications encryption key.

There is also described (B11) The method of B10, wherein the step of validating includes the electronic terminal comparing the test data communications encryption key with a currently in-use data communications encryption key stored in the secure encryption key memory location.

There is also described (B12) The method of B1, wherein the step of performing a handshaking routine includes transmitting infrared signals having at least one predetermined transmission characteristic.

There is also described (B13) The method of B1, wherein the step of performing a handshaking routine includes transmitting audio signals having at least one predetermined transmission characteristic.

There is also described (B14) The method of B13, wherein the audio signals include DTMF signals.
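The install sequence of B1 to B3 and B9 (handshake, authorization code match, key transfer, echo-back comparison, then store) can be traced in a small simulation. This is an added example, not code from the patent; the message names, the `Terminal` class, `install_key`, the `channel` hook and all byte values are assumptions made for illustration.

```python
import hmac

class Terminal:
    """Terminal side: authorization code in ROM, one secure key slot."""
    def __init__(self, rom_auth_code: bytes):
        self._rom_auth_code = rom_auth_code
        self.secure_key = None     # secure encryption key memory location
        self._authorized = False
        self._pending = None       # received key, held until validated

    def handle(self, msg_type: str, payload: bytes = b""):
        if msg_type == "HELLO":                    # handshaking message
            return ("HELLO_ACK", b"TERMINAL-ID")   # constructed identifier
        if msg_type == "AUTH":                     # constant-time match against ROM
            self._authorized = hmac.compare_digest(payload, self._rom_auth_code)
            return ("AUTH_OK" if self._authorized else "AUTH_FAIL", b"")
        if msg_type == "INSTALL" and self._authorized:
            self._pending = payload
            return ("ECHO", payload)               # retransmit for validation
        if msg_type == "CONFIRM" and self._pending is not None:
            self.secure_key, self._pending = self._pending, None
            self._authorized = False               # a new install needs a new handshake
            return ("STORED", b"")
        self._pending, self._authorized = None, False   # anything else aborts
        return ("REJECT", b"")

def install_key(terminal, auth_code, key, channel=lambda msg: msg):
    """Keying-device side; `channel` models the link and may alter a message."""
    def send(msg_type, payload=b""):
        return terminal.handle(*channel((msg_type, payload)))
    if send("HELLO", b"KEYING-DEVICE-ID")[0] != "HELLO_ACK":
        return "handshake failed"
    if send("AUTH", auth_code)[0] != "AUTH_OK":
        return "authorization rejected"
    reply, echoed = send("INSTALL", key)
    if reply != "ECHO" or not hmac.compare_digest(echoed, key):
        send("ABORT")                              # terminal drops the pending key
        return "validation failed"
    return "stored" if send("CONFIRM")[0] == "STORED" else "store failed"

if __name__ == "__main__":
    AUTH, KEY = b"constructed-auth", bytes.fromhex("0123456789abcdef")  # constructed
    t = Terminal(AUTH)
    print(install_key(t, AUTH, KEY), t.secure_key == KEY)
```

In this sketch the key crosses the link unencrypted in both directions, so the echo-back only detects alteration in transit; limiting who can receive the signal is left to the link properties listed in C2 to C7.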

There is also described (C1) A portable key installation system for installing a data communications encryption key, the system comprising: at least one electronic terminal having a secure encryption key memory adapted to store the at least one data communications encryption key, and a terminal communications unit coupled to the secure encryption key memory; and a portable keying device including a memory adapted to store the at least one data communications encryption key, and a device communications unit coupled to the memory device, the device communications unit being adapted to bi-directionally communicate the at least one data communications encryption key in a predetermined format to the terminal communications unit.

There is also described (C2) The device of C1, wherein the terminal communications unit and the device communications unit include low power-close proximity RF transceivers.

There is also described (C3) The device of C2, wherein the predetermined format includes transmitting an RF signal at a predetermined power level.

There is also described (C4) The device of C3, wherein the predetermined power level is less than or equal to 1 mW.

There is also described (C5) The device of C3, wherein the RF signal has an effective range of less than or equal to a meter.

There is also described (C6) The device of C2, wherein the predetermined format includes transmitting an RF signal in a predetermined direction.

There is also described (C7) The device of C2, wherein the predetermined format includes transmitting an RF signal having a predetermined polarity.

There is also described (C8) The system of C2, wherein the at least one electronic terminal includes a programming voltage supply unit, the programming voltage supply unit being adapted to convert an RF signal transmitted by the device communications unit into programming voltage to thereby enable the secure encryption key memory to store the at least one data communications encryption key transmitted by the device communications unit.

There is also described (C9) The system of C8, wherein the programming voltage supply unit comprises: at least one capacitor coupled to the RF transceiver; and a voltage regulator coupled to the at least one capacitor and the secure encryption key memory.

There is also described (C10) The system of C9, wherein the at least one capacitor includes a plurality of capacitors.

There is also described (C11) The system of C9, further comprising a diode disposed between the programming voltage supply unit and the RF transceiver.

There is also described (C12) The system of C90, further comprising a battery coupled to the programming voltage supply unit.

There is also described (C13) The system of C9, further comprising a normal voltage supply unit, the normal voltage supply unit including: at least one second capacitor coupled to the RF transceiver; and a second voltage regulator coupled to the at least one second capacitor and the secure encryption key memory.

There is also described (C14) The system of C9, further comprising a switch disposed between the programming voltage supply unit and the secure encryption key memory, the programming voltage being supplied to the secure encryption key memory when the switch is closed.

There is also described (C15) The system of C2, further comprising: a battery coupled to the RF transceiver of the electronic terminal; at least one capacitor coupled to the battery, the at least one capacitor being charged by the battery to generate a programming voltage, whereby the secure encryption key memory is enabled to store the at least one data communications encryption key transmitted by the device communications unit; and a voltage regulator coupled to the at least one capacitor.

There is also described (C16) The system of C15, further comprising a switch disposed between the at least one capacitor and the secure encryption key memory, the programming voltage being supplied to the secure encryption key memory when the switch is closed.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.

1. An electronic terminal comprising: a secure memory for storing at least one encryption key; a read only memory for storing an authorization code; an RF transceiver; and a programming voltage supply unit adapted to convert an RF signal received via the RF transceiver into a programming voltage to thereby enable the secure memory to store the at least one encryption key received via the RF transceiver responsive to receiving a first authorization code via the RF transceiver and matching the first authorization code to a second authorization code stored in the read only memory.
2. The terminal of claim 1, wherein the terminal comprises a keypad, a signature pad, a card reader, a bar code reader, and/or a point-of-sale transaction terminal.
3. The terminal of claim 1, wherein the terminal is in communication with a local area network.
4. The terminal of claim 1, wherein the secure memory is implemented using a separate memory device.
5. The terminal of claim 1, wherein the RF transceiver includes one or more proximity features comprising an RF signal power level, an RF signal angular directivity, and/or an RF signal polarity.
6. The terminal of claim 1, wherein the programming voltage supply unit comprises a diode rectifying the RF signal to output a DC signal.
7. The terminal of claim 1, wherein the terminal is configured to store the at least one encryption key received via the RF transceiver while not being connected to an external power supply.
8. The terminal of claim 1, wherein the terminal is devoid of an internal battery.
9. The terminal of claim 1, wherein the programming voltage supply unit comprises at least one capacitor and a voltage regulator.
10. The terminal of claim 1, wherein the programming voltage supply unit comprises a voltage regulator and a switch electrically coupled to the voltage regulator, wherein the switch is controlled by a processor within the terminal.
11. The terminal of claim 1, comprising an operating voltage supply unit adapted to convert an RF signal received via the RF transceiver into an operating voltage.
12. A method for installing a data communications encryption key in an electronic terminal, the electronic terminal comprising a secure encryption key memory location for storing the at least one data communications encryption key, the method comprising: providing a portable keying device, whereby the portable keying device is physically separated from the electronic terminal; performing a handshaking routine, whereby the keying device and the electronic terminal exchange handshaking messages; transmitting an encryption key from the portable keying device to the electronic terminal; and storing the encryption key transmitted from the portable keying device to the electronic terminal in the secure key memory location.
13. The method of claim 12, wherein the keying device and the electronic terminal exchange handshaking messages by transmitting infrared signals having at least one predetermined transmission characteristics.
14. The method of claim 12, wherein the keying device and the electronic terminal exchange handshaking messages by transmitting audio signals having at least one predetermined transmission characteristics.
15. The method of claim 14, wherein the audio signals include DTMF signals.
16. A method for installing a data communications encryption key in a terminal using a portable device, the method comprising: transmitting, with the portable device, a portable device authentication code; receiving, with the portable device, a terminal authentication code from the terminal; transmitting, with the portable device, an authorization code to the terminal; receiving, with the portable device, a signal indicating that the transmitted authorization code matches an authorization code stored in the terminal; transmitting, with the portable device, an installation message comprising an encryption key to the terminal.
17. The method of claim 16, comprising receiving, with the portable device, the encryption key from the terminal.
18. The method of claim 16, comprising: receiving, with the portable device, the encryption key from the terminal; and comparing, with the portable device, the encryption key transmitted by the portable device to the terminal to the encryption key received from the terminal.
19. The method of claim 16, comprising: receiving, with the portable device, the encryption key from the terminal; comparing, with the portable device, the encryption key transmitted by the portable device to the terminal to the encryption key received from the terminal; and if the encryption key transmitted by the portable device to the terminal matches the encryption key received from the terminal, transmitting, with the portable device, a signal indicating that the encryption key transmitted by the portable device to the terminal matches the encryption key received from the terminal to the terminal.
20. The method of claim 16, comprising: receiving, with the portable device, the encryption key from the terminal; comparing, with the portable device, the encryption key transmitted by the portable device to the terminal to the encryption key received from the terminal; if the encryption key transmitted by the portable device to the terminal matches the encryption key received from the terminal, transmitting, with the portable device, a signal indicating that the encryption key transmitted by the portable device to the terminal matches the encryption key received from the terminal to the terminal; and receiving, with the portable device, a signal from the terminal indicating that the terminal stored the encryption key into secure memory.